Specifications
WAN Configuration 4-5
4.2 Configuring the WS2000 Firewall
The WS2000 Wireless Switch provides a secure firewall/Network Address Translation (NAT) solution for the
WAN uplink. The firewall includes a proprietary CyberDefense Engine to protect internal networks from
known Internet attacks. It also provides additional protection by performing source routing, IP unaligned
timestamp, and sequence number prediction. The firewall uses a collection of filters to screen information
packets for known types of system attacks. Some of the switch’s filters are always enabled, and others are
configurable.
To view or change the firewall settings, select Network Configuration --> Firewall from the left menu.
4.2.1 Disabling the Firewall
The firewall can be enabled or disabled with one click. Check Disable Firewall if the filters should not be
active. By default the firewall is enabled.
4.2.2 Setting the NAT Timeout
4.2.2.1 TCP Default Timeout
The TCP Default Timeout field is used to set the NAT timeout value. The table below TCP Default
Timeout field enables you to setup the NAT timeout values based on the Port and the protocol used. If the
table has no rows, the timeout value entered in the TCP Default Timeout is used for all protocols and ports.
In WS2000 Wireless Switch, the NAT timeout configuration is global for any TCP/IP packet going through the
firewall. This configuration restricts the type of UDP or TCP applications that can be used with WS2000.